you can add capabilities to the editor role using the role object and add_cap from you functions.php <?php // get the the role object $editor = get_role(‘editor’); // add $cap capability to this role object $editor->add_cap(‘edit_theme_options’); ?> you can also remove capabilities: $editor->remove_cap(‘delete_posts’); just take a look at the list of capabilities and what each … Read more
Use Nonces (when not using Settings API) Plugins and Themes should explicitly provide Settings-page nonce checking, if not using the Settings API: WordPress Nonces (Codex) WordPress Nonces (Mark Jaquith) Improving security in WordPress plugins using Nonces (Vladimir Prelovac) 5 tips for using AJAX in WordPress > 3. Use nonces and check for permission (Gary Cao)
When WordPress activates a plugin, it calls the activate_plugin() function. This function activates the plugin in a sandbox and redirects somewhere else on success. It’s been used by a few authors to programmatically activate plugin dependencies. There’s another function, deactivate_plugins(), that does a similar thing in reverse … it’s actually how WordPress deactivates plug-ins when … Read more
It’s stored in the database, within the wp_posts table, under the custom_css post type, where the post name is the theme slug. There you also have the related customize_changeset and revision post types. The custom css post ID is also stored in the wp_options table under each theme mods, e.g. theme_mods_twentysixteen for Twenty Sixteen. It’s … Read more
WordPress Offical Repository http://wordpress.org/extend/themes Official repository hosted by WordPress. Hosts several free themes and offers automatic updates.
This will display the title of the page when a static page is set to show posts. E.g. I show posts on my homepage… It’ll do nothing. If I, say, show posts on page titled News… It’ll show News in H1. This is used so that the title of the page is shown, whenever posts … Read more
I can understand your confusion based on the example you provided. That’s really a poor way to use a class … and just because a class is used, doesn’t make a system OOP. In the case of Hybrid, they’re just using a class to namespace their functions. Considering Hybrid is a theme framework, this is … Read more
I see in filters.php “add_action( ‘wp_head’, ‘rest_output_link_wp_head’, 10, 0 )” Which makes me think this should do the trick to remove rel=”https://api.w.org/”. remove_action( ‘wp_head’, ‘rest_output_link_wp_head’ ); The rest… * cough * seem to be in default-filters.php remove_action( ‘wp_head’, ‘wp_oembed_add_discovery_links’ ); To remove the rest_output_link_header remove_action( ‘template_redirect’, ‘rest_output_link_header’, 11 ); Reference wp_oembed_add_discovery_links rest_output_link_wp_head rest_output_link_header
Bare bone themes are great, personally I prefer them over frameworks. I have noticed that ‘liking’ one over another comes down to how it feels, so I would suggest trying several out until you find one. For instance a lot people like WordPress boilerplate but I could not get the hang of it. My current … Read more
Add the following to wp-config.php: define( ‘FS_METHOD’, ‘direct’ ); Let me know how it works for you.